Public Key Cryptography (PKC)

Definition - What does Public Key Cryptography (PKC) mean?

Public key cryptography (PKC) is an encryption technique that uses a paired public and private key (or asymmetric key) algorithm for secure data communication. A message sender uses a recipient's public key to encrypt a message. To decrypt the sender's message, only the recipient's private key may be used.

The two types of PKC algorithms are RSA, which is an acronym named after this algorithm's inventors: Rivest, Shamir and Adelman, and Digital Signature Algorithm (DSA). PKC encryption evolved to meet the growing secure communication demands of multiple sectors and industries, such as the military.

PKC is also known as public key encryption, asymmetric encryption, asymmetric cryptography, asymmetric cipher, asymmetric key encryption and Diffie-Hellman encryption.

PKC facilitates secure communication through an insecure channel, which allows a message to be read by the intended recipient only. For example, A uses B's public key to encrypt a message to B, which can be decrypted using B's unique private key.

PKC maintains email privacy and ensures communication security while messages are in transit or stored on mail servers. PKC is also a DSA component used to authenticate a private key verifiable by anyone with authorized public key access, which validates message origin and sender. Thus, PKC facilitates confidentiality, data integrity, authentication and nonrepudiation, which form key information assurance (IA) parameters.

PKC is slower than secret key cryptography (or symmetric cryptography) methods, due to high computational requirements. Unlike symmetric cryptography, PKC uses a fixed buffer size, depending on particular and small data amounts, which may only be encrypted and not chained in streams. Because a broad range of possible encryption keys are used, PKC is more robust and less susceptible to third-party security breach attempts.

Indications of Compromise
- A recent study investigated the cybersecurity preparedness of 400 SMBs and enterprises across the US and the UK. The survey revealed unsettling overconfidence among respondents that a major breach or attack won’t happen to them.